Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2720 | 1 Huawei | 1 Fusionsphere Openstack | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure. | |||||
| CVE-2017-8168 | 1 Huawei | 1 Fusionsphere Openstack | 2019-10-03 | 3.3 LOW | 4.3 MEDIUM |
| FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted. | |||||
| CVE-2017-8191 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links. | |||||
| CVE-2017-8189 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-08 | 3.6 LOW | 6.0 MEDIUM |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal. | |||||
| CVE-2017-8190 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software. | |||||